There are many ways to protect yourself and your organization against ransomware, but for many businesses, it’s not a case of if, but rather when, a cyberattack or breach occurs. The core premise of ransomware remains the same, however the sophistication of today’s attacks is now far more damaging and financially devastating to businesses. This report will provide a window into the organized gangs who plan and execute attacks and their tactics.
Let’s talk about phishing. Phishing is the top action variety in social engineering breaches, causing over 60% according to Verizon’s Data Breach Investigation report for 2022. Since 2016, phishing has seen an exponential increase in both the email click and do not click rates. This week, the National Cybersecurity Alliance has talked a lot about recognizing and reporting phishing and discussed.
We are thrilled to announce that we are an official champion of National Cybersecurity Awareness Month (NCSAM)! What is NCSAM you ask? It’s only the best month of the year for the cybersecurity community! NCSAM started 19 years ago as a partnership between the National Cybersecurity Alliance (NCA) and the U.S. Department of Homeland Security (DHS).
While October is coming to an end, our commitment to ensuring safety online will continue everyday. In review, this month has highlighted the need for cybersecurity to start with the individual. Below are four steps NCSAM highlighted for businesses of all shapes and sizes can take to better protect themselves against cyber attacks.
One of the leading sources of threats to brand reputation is commonly referred to as the dark web. This cybercrime ecosystem needs to be monitored to keep organizations safe.
Reputational missteps stemming from one of the primary sources in the past—poor judgment and malfeasance—have proven to be extremely costly. CEO Gordon Lawson shares examples of how businesses both can prepare for an attack or discover that some data has already been exfiltrated in his latest Forbes article.
Week Three: Unpatched and out of date software opens an organization’s network up to a variety of vulnerabilities. Threat actors are able to target software with known vulnerabilities to test an organization’s patch management strategy and exploit vulnerabilities that have not been addressed. With unpatched software, threat actors can exploit vulnerabilities that the patches are looking to remediate.
Cybersecurity specialists have been warning about the dangers of what is being called Q-Day or Y2Q — the point when still-evolving quantum computers become powerful enough to brute-force today’s encryption algorithms — but what was once a long-term blip has become a near-term threat after China debuted a usable quantum computer in August.
Check out our latest podcast with CEO Gordon Lawson, former White House CIO Theresa Payton, Alissa “Dr. Jay” Abdullah, PhD, deputy chief security officer & SVP of Emerging Corporate Security Solutions at Mastercard and Steve Morgan from Cybercrime Magazine.
Week Two: One thing we have learned it is how important it is to change your passwords! Today, 75% of people don’t know how to create secure passwords. This is especially concerning as data this year has shown that 81% of the total number of breaches leveraged stolen or weak passwords. Now, more than ever, to #BeCyberSmart strong passwords and a password manager are a must.
Cybersecurity Red Teams play the role of attacker/adversary in cybersecurity wargames. They play the bad guys to help sharpen the skills and toolset of the good guys (the Blue Team). Some companies will maintain an in-house Red Team, and some will contract that roll out to consultants. In order to simulate attacks on the friendly target company, the red team has to maintain much of the same attack infrastructure as threat actors.
Week One of Cybersecurity Awareness Month is underway and we at Conceal could not be more thrilled that identity management made the cut this year! The National Cybersecurity Alliance has been highlighting how you, as the star topic of this month’s approach, can #BeCyberSmart through enabling multi-factor authentication (MFA). Identity management is an imperative aspect of an organization’s cybersecurity strategy, helping ensure that you have the access to the tools and data you need to do your job.
